Improve company productivity with a Business Account.Sign Up

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1201
  • Last Modified:

how to block my lan to surf adult site?

i have a linux my linux router...i have snort, firewall second nic is connected to switch and then from switch to my i want if on of the client in LAN typing something at webbrowser such as the page will be replace with a page that i create my own that possible?
1 Solution
What you want to do is install a proxy.  Check out "squid" at
operation1612Author Commented:
you mean install a proxy in my gateway?...that mean i will have to open port for proxy?...
operation1612Author Commented:
at least i dont want any another port to be open in my linux router...unless there is no other choice...thanks
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Squid is a proxy that you can install in the same box.  What you can do is intercept http requests coming from the inside network, look at what is being requested and then reply appropriately.  

There doesn't have to be any additional ports open from the outside to accomplish this (or the inside either, for that matter).
install squid (or whatever proxy you like), then use iptables to redirect any outbound traffic to squid, ready.
I run DansGuardian on top of Squid as a content filter system like so:

user -> dansguardian:3128  -> (good) squid:80 -> Internet
                   (bad) blocked page that I crafted from the available template

Follow that up with iptables to block direct connect and use the squidguard ruleset that very easily integrates with DansGuardian and you have a pretty darn good content filter system.

Alternatively, you can leave the squid off (i.e. no caching) and simply just use dansguardian as a filter.
dansguradian is definetaly good but sometimes it slow down the internet speed...

use squid and its ACL
go through this link and u can block any site to some and allow some... through this u can do anything u want in a proxy server ..... squid alone is very powerfull...
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now